[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Cannot create a database with more than one level of subordination

Your errors may be caused by changed in ldbm from 2.1 to 2.2.  Maybe you can db_upgrade?  I'm not sure on the specifics of that for ldbm, but it's worth investigation.

On a general note, why are you splitting the directory into multiple servers lik this?

On 9/6/05, Dmitriy Stepanenko < mpolk@kt-privat.donetsk.ua> wrote:
Hi all,

Did not anybody encounter the following problem? Or can explain me where
I am wrong (if I really am)?

I try to create an OpenLDAP database with more than one level of
subordination. It should look like this (the picture is somewhat
simplified by not showing some unrelated details like other branches):

dc=kt-privat,dc=donetsk,dc=ua    - the topmost level
dc=druzh,dc=kt-privat,dc=donetsk,dc=ua    - the next level, stored in
its own database
dc=micro7,dc=druzh,dc=kt-privat,dc=donetsk,dc=ua    - one more level,
also with its own database

I want to have an OpenLDAP server on each level. Or, to be more precise,
I want to have 3 servers, each holding databases for all three levels,
but the first server should be responsible for the topmost level master
replica, the second one - for the master replica of the second level and
so on. Each server should replicate the changes in its corresponding
master replica to all other ones. I hope I've managed to explain what I
mean despite of the quality of my English :-)

All this worked as long as there where only two levels. Two-level
configuration now without any problems in my "real-life" environment.
Moreover, everything seemed to be good when I've tried to add the third
level (dc=micro7,...) to OpenLDAP 2.1.xxx server (I don't remember the
minor release number). But when I've tried the same thing on the
OpenLDAP 2.2.13 server, I've got an error.

When I tried to populate the newly created level with the initial record
(containing information about this "dc" itself) I got the following
message from the "ldapadd":
-------------8><--------------------------------
adding new entry "dc=micro7,dc=druzh,dc=kt-privat,dc=donetsk,dc=ua"
ldap_add: Internal (implementation specific) error (80)
        additional info: 8∙╣
                                и├╖
-------------8><--------------------------------

When I copied the database generated on the 2.1 server to the 2.2
server, the server started normally, but I observed errors when I tried
to access even the second level of the tree with various LDAP clients.

Unfortunately, I cannot run OpenLDAP 2.1 on all of my servers. The older
servers run Fedora Core 1, which comes with OpenLDAP 2.1.x. The newer
ones run Fedora Core 3 with OpenLDAP 2.2.13 and I don't want to install
other versions OpenLDAP (at least the versions, for which I have not
RPMs). I've built OpenLDAP 2.2.26 RPM for FC3, but this version exposes
exactly the same behaviour as 2.2.13. To build a 2.3.6 RPM was not so
easy. Probably I could try harder and build it, if I was sure it would help.

So, does anybody knows, what is wrong? Isn't my configuration illegal by
its nature (I don't feel myself a big specialist in LDAP)? Or perhaps
this is a known bug in OpenLDAP 2.2.x?

My "slapd.conf " follows. If some additional details could be helpful, I
will supply them.
-------------8><-- slapd.conf ------------------------------
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#